Image or pictographic based computer login systems and methods

ABSTRACT

Image based login procedures for computer systems include: (a) displaying a first image on a computer screen; (b) receiving user input indicating a portion of the first image; (c) determining if the user input corresponds to a first acceptable user input for user authentication; and (d) proceeding with the authentication procedure when this user input corresponds to the first acceptable user input for user authentication. Additionally or optionally, when proceeding with this authentication procedure, the systems and methods further may include: displaying a second image on the screen; receiving new user input indicating a portion of the second image; and determining if this new input corresponds to a second acceptable user input for user authentication.

CROSS-REFERENCE TO RELATED APPLICATIONS

More than one reissue application has been filed for the reissue of U.S. Pat. No. 7,953,983. This application is a continuation reissue of U.S. application Ser. No. 14/156,044, filed Jan. 15, 2014, which is a continuation reissue of U.S. Pat. No. RE44,725, filed Mar. 1, 2012, which is an application for reissue of U.S. Pat. No. 7,953,983 B2, issued May 31, 2011.

FIELD OF THE INVENTION

The present invention generally relates to systems, methods, and computer-readable media for providing an image or pictographic based login procedure for computer systems or networks. While useful in non-electronic ink environments, such systems and methods may find particular usefulness in login procedures for pen-based computing systems and/or other systems that accept electronic ink input.

BACKGROUND

Typical computer systems, especially computer systems using graphical user interfaces (“GUIs”), are optimized for accepting user input from one or more discrete input devices, such as a keyboard for entering text and a pointing device, such as a mouse with one or more buttons, for operating the user interface. An example of such a GUI is the user interface for the Windows® computer operating system (available from Microsoft Corporation of Redmond, Wash.). The ubiquitous keyboard and mouse interface provides for fast creation and modification of documents, spreadsheets, database fields, drawings, photos, web pages, emails, and the like.

Recently, however, pen-based computing systems, such as tablet personal computers (“tablet PCs”), personal digital assistants (“PDAs”), and the like, have been increasing in popularity. With pen-based computing systems, user input advantageously may be introduced as “electronic ink” using an electronic “pen” or stylus (e.g., mimicking writing with a pen or pencil on a piece of paper). Indeed, in at least some pen-based computing systems, all user input is capable of being entered and manipulated using an electronic pen input device, and the user interface is fully controllable using only the electronic pen.

As pen-based computing systems become more popular, many computer activities such as access in a computer system become more difficult to implement. For example, in a computer system in which a user logs into an individualized account or inputs security information to enter a restricted site, a pen-based computer system creates difficulties for the user to conveniently and efficiently maneuver the pen or stylus to accomplish the task.

In a typical computer system, a display is presented to the user containing a field in which the user enters a userid and a field in which the user enters a corresponding password. Typically, a user inputs information via a keyboard. Therefore, if inputting data via a keyboard is problematic (e.g., a keyboard is not available or not conveniently accessible), a user may not be able to input data as necessary. In such a system lacking a conveniently available keyboard, a user would be unable to successfully access information because of the inability to enter authentication information into the system.

In the traditional method of gaining access to a private account, a user typically enters a password via a keyboard. A password that has a higher level of security (i.e., a completely random string of characters that is not otherwise associated with the user) is typically difficult to remember. Thus, the user often forgets the password and must expend effort in having the password reset, obtaining the password from a system administrator, etc. To avoid this inconvenience, the user may select a password that is easy to remember, such as the user's date of birth. However, such passwords are easy to “crack” and provide very little security to the user. This defeats the purpose of having the security system in the first place. Thus, the typical computer user is caught in a dilemma of trying to maintain a high level of security while at the same time creating a password that the user can remember. Often, this balance is difficult to achieve. Therefore, a system and method for providing security is needed that is easy to use for the user with minimal demands on the user's memory while providing a high level of security against unauthorized users.

The above-noted issues associated with data input of security information, compromise of password security information or loss of security in computing systems can lead to user frustration. Accordingly, there is a need in the art for improved input of security information, e.g., for use with pen-based computing systems and in other situations where keyboards are inconvenient or unavailable.

SUMMARY

Aspects of the present invention relate to systems, methods, and computer-readable media for providing image or pictographic based login procedures for computer systems or networks. Such systems and methods may include: (a) displaying a first image on a computer display screen; (b) receiving a first user input indicating a portion of the first image (e.g., via an electronic ink input system); (c) determining if the first user input corresponds to a first acceptable user input for user authentication (e.g., via a computer processor system); and (d) proceeding with a user authentication procedure when the first user input corresponds to the first acceptable user input for user authentication. Additionally or optionally, when proceeding with the user authentication procedure, systems and methods in accordance with examples of this invention may further include: displaying a second image on the computer display screen; receiving a second user input indicating a portion of the second image; and determining if the second user input corresponds to a second acceptable user input for authentication. If desired, user access to the computer system or network may be allowed when the first and/or second user inputs correspond to the acceptable user inputs for user authentication. Aspects of the invention further relate to computer-readable media including computer-executable instructions stored thereon for providing image or pictographic based authentication procedures for computer systems or networks like those described above.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other objects, features, and advantages of the present invention will be more readily apparent and more fully understood from the following detailed description, taken in conjunction with the appended drawings, in which:

FIG. 1 illustrates a schematic diagram of an example general-purpose digital computing environment in which at least some aspects of the present invention may be implemented;

FIG. 2 illustrates an example pen-based personal computing environment in which at least some aspects of the present invention may be implemented;

FIG. 3 illustrates an example of one aspect of the present invention in which an image is selected for use as an authentication tool; and

FIGS. 4A, 4B, and 4C illustrate an example of one aspect of the invention in which a user selects a portion of an image on a display in a user authentication procedure.

When the same reference number is used in more than one of the attached drawings, it is intended to refer to the same or similar parts, features, or steps in the various different drawings.

DETAILED DESCRIPTION

As described above, aspects of the present invention relate to systems, methods, and computer-readable media for an image or pictographic login procedure. The following description is divided into sub-sections to assist the reader. The sub-sections include: Terms; General Description of Various Aspects of the Invention; Example Hardware; Example Systems, Methods, and Computer-Readable Media According to the Invention; and Conclusion.

I. Terms

The following terms are used in this specification and, unless otherwise specified or clear from the context, the terms have the meanings provided below:

“Pen”—Any type of user input device useful in entering electronic ink into and/or otherwise manipulating or controlling an electronic document, a user interface, and/or a computer operating system. The terms “pen” and “stylus” may be used interchangeably in this specification.

“Computer-Readable Medium” means any available media that can be accessed by a user on a computer system. By way of example, and not limitation, “computer-readable media” may include computer storage media and communication media. “Computer storage media” includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer-readable instructions, data structures, program modules or other data. “Computer storage media” includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology; CD-ROM, digital versatile disks (DVD) or other optical storage devices; magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices; or any other medium that can be used to store the desired information and that can be accessed by a computer. “Communication media” typically embodies computer-readable instructions, data structures, program modules or other data in a modulated data signal, such as a carrier wave or other transport mechanism, and includes any information delivery media. The term “modulated data signal” means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media, such as a wired network or direct-wired connection, and wireless media, such as acoustic, RF, infrared and other wireless media. Combinations of any of the above should also be included within the scope of “computer-readable media.”

II. General Description of Various Aspects of the Invention

As generally described above, aspects of the present invention relate to systems, methods, and computer-readable media for providing an image or pictographic based authentication procedure for computer systems or networks. The authentication procedure of the present invention may be applied in any application where authorization of a user is desired. For example, a system may require authentication of a user before allowing the user to “log in” to the user's account. In this situation, a user desiring access to his personal account on a system may apply the authentication procedure of the present invention to gain access to the account while preventing other unauthorized users from accessing the account. Also, the authentication procedure of the present invention may be applied to accessing protected or private sites, for example, on an intranet or on the internet and/or for accessing or logging on to individual computers or systems, local area networks, wide area networks, or the like. Methods in accordance with at least some examples of this invention may include: (a) displaying a first image on a computer display screen; (b) receiving a first user input indicating a portion of the first image; (c) determining if the first user input corresponds to a first acceptable login user input; and (d) proceeding with a user login procedure when the first user input corresponds to the first acceptable login user input. Additionally or optionally, when proceeding with the user login procedure, methods in accordance with at least some examples of this invention further may include: displaying a second image on the computer display screen (the second image may be the same as the first image, an enlargement of part of the first image, a completely new image, etc.); receiving a second user input indicating a portion of the second image; and determining if the second user input corresponds to a second acceptable login user input. If desired, user access to the computer system or network may be allowed when the first and/or second user inputs correspond to the acceptable login user inputs.

Systems in accordance with at least some examples of this invention may include: (a) a computer display screen; (b) an input system for receiving user input (e.g., such as a digitizer for receiving electronic ink input); and (c) a processor system (e.g., including one or more processors) programmed and adapted to: (i) display a first image on a computer display screen, (ii) determine if a first user input indicating a portion of the first image corresponds to a first acceptable login user input, and (iii) proceed with a user login procedure when the first user input corresponds to the first acceptable login user input. In at least some examples of systems in accordance with this invention, when the system proceeds with the user login procedure, the processor system is further programmed and adapted to: (iv) display a second image on the computer display screen, and (v) determine if a second user input indicating a portion of the second image corresponds to a second acceptable login user input. If desired, the processor system may allow user access to the computer system or network when the first and/or second user inputs correspond to the acceptable login user inputs.

Systems and methods according to at least some examples of this invention may accept user input (e.g., the first and/or second user inputs described above) as electronic ink input. For example, the various portions of the image may be “indicated” during the login procedure by drawing a predetermined shape at, near, or at least partially around the portion of the first image using electronic ink. Of course, various other aspects or characteristics of the input may be controlled, varied, and/or selected as part of the login procedure without departing from the invention. For example, ink color, ink thickness, pen tip shape, or other ink characteristics may be varied; characteristics of the input shape or shapes drawn by the user may be varied; the number of times a portion of an image is encircled may be controlled or varied; directional characteristics (e.g., line direction, pen movement direction, etc.) of the input may be varied; initial image selection to initiate the login procedure may be required (e.g., from a palette of displayed image thumbnails); intermediate image selection to continue the login procedure may be required (e.g., from a palette of displayed image thumbnails); the location(s) and/or number of “breaks” in an encirculation or other input characteristic may be varied; the pictographic login features may be used in combination with other login procedures or features, such as password entry, image selection; etc. Various other aspects of the input required during login may be varied, controlled, and used as part of the login security features without departing from this invention.

Still additional aspects of the invention relate to computer-readable media including computer-executable instructions stored thereon for providing image or pictographic based login procedures for computer systems or networks.

III. Example Hardware

FIG. 1 illustrates a schematic diagram of a general-purpose digital computing environment that may be used to implement various aspects of the present invention. In FIG. 1, a computer 100 includes a processing unit 110, a system memory 120, and a system bus 130 that couples various system components (including the system memory 120) to the processing unit 110. The system bus 130 may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures. The system memory 120 may include read only memory (“ROM”) 140 and random access memory (“RAM”) 150.

A basic input/output system 160 (“BIOS”), which contains the basic routines that help to transfer information between elements within the computer 100 (such as during start-up), is stored in the ROM 140. The computer 100 also may include a hard disk drive 170 for reading from and writing to a hard disk (not shown), a magnetic disk drive 180 for reading from or writing to a removable magnetic disk 190, and/or an optical disk drive 191 for reading from or writing to a removable optical disk 199, such as a CD ROM or other optical media. The hard disk drive 170, magnetic disk drive 180, and optical disk drive 191 are connected to the system bus 130 by a hard disk drive interface 192, a magnetic disk drive interface 193, and an optical disk drive interface 194, respectively. These drives and their associated computer-readable media provide nonvolatile storage of computer-readable instructions, data structures, program modules, and other data for the personal computer 100. It will be appreciated by those skilled in the art that other types of computer-readable media that can store data that is accessible by a computer, such as magnetic cassettes, flash memory cards, digital video disks, BERNOULLI cartridges, random access memories, read only memories, and the like, also may be used in the example operating environment.

A number of program modules can be stored on the hard disk drive 170, magnetic disk 190, optical disk 199, ROM 140, or RAM 150, including an operating system 195, one or more application programs 196, other program modules 197, and program data 198. A user can enter commands and information into the computer 100 through input devices, such as a keyboard 101 and pointing device 102 (such as a mouse). Other input devices (not shown) may include a microphone, joystick, game pad, satellite dish, scanner, or the like. These and other input devices may be connected to the processing unit 110 through a serial port interface 106 that is coupled to the system bus 130, but they also may be connected by other interfaces, such as a parallel port, game port, or a universal serial bus (USB), and the like. Further still, these devices may be coupled directly to the system bus 130 via an appropriate interface (not shown).

A monitor 107 or other type of display device also may be connected to the system bus 130 via an interface, such as a video adapter 108. In addition to the monitor 107, personal computers typically include other peripheral output devices (not shown), such as speakers and printers. In one example, a pen digitizer 165 and accompanying pen or stylus 166 are provided in order to digitally capture freehand input. Although a connection between the pen digitizer 165 and the serial port interface 106 is shown in FIG. 1, if desired, the pen digitizer 165 may be directly coupled to the processing unit 110, or it may be coupled to the processing unit 110 in any suitable manner, such as via a parallel port or another interface and the system bus 130 as is known in the art. Furthermore, although the digitizer 165 is shown apart from the monitor 107 in FIG. 1, the usable input area of the digitizer 165 may be co-extensive with the display area of the monitor 107. Further still, the digitizer 165 may be integrated in the monitor 107, or it may exist as a separate device overlaying or otherwise appended to the monitor 107.

The computer 100 can operate in a networked environment using logical connections to one or more remote computers, such as a remote computer 109. The remote computer 109 can be a server, a router, a network PC, a peer device or other common network node, and it typically may include many or all of the elements described above relative to the computer 100, although for simplicity, only a memory storage device 111 has been illustrated in FIG. 1. The logical connections depicted in FIG. 1 include a local area network (LAN) 112 and a wide area network (WAN) 113. Such networking environments are commonplace in offices, enterprise-wide computer networks, intranets, and the Internet, using both wired and wireless connections.

When used in a LAN networking environment, the computer 100 may be connected to the local area network 112 through a network interface or adapter 114. When used in a WAN networking environment, the personal computer 100 typically includes a modem 115 or other means for establishing a communications link over the wide area network 113, such as the Internet. The modem 115, which may be internal or external to the computer 100, may be connected to the system bus 130 via the serial port interface 106. In a networked environment, program modules depicted relative to the personal computer 100, or portions thereof, may be stored in a remote memory storage device.

It will be appreciated that the network connections shown are examples and other techniques for establishing a communications link between the computers can be used. The existence of any of various well-known protocols such as TCP/IP, Ethernet, FTP, HTTP, UDP, and the like is presumed, and the system can be operated in a client-server configuration to permit a user to retrieve web pages from a web-based server. Any of various conventional web browsers can be used to display and manipulate data on web pages.

Although the FIG. 1 environment shows one example environment, it will be understood that other computing environments also may be used in systems and methods according to this invention. For example, one or more examples of the present invention may use an environment having fewer than all of the various aspects shown in FIG. 1 and described above, and these aspects may appear in various combinations and subcombinations that will be apparent to one of ordinary skill. Additional features from those shown in FIG. 1 also may be included in environments useful with this invention.

FIG. 2 illustrates a pen-based personal computer (“PC”) 201 that may be used in accordance with various aspects of the present invention. Any or all of the features, subsystems, and functions in the system of FIG. 1 can be included in the computer of FIG. 2. The pen-based personal computer system 201 includes a large display surface 202, e.g., a digitizing flat panel display, such as a liquid crystal display (“LCD”) screen, on which a plurality of windows 203 is displayed. Using stylus 204, a user can select, highlight, and write on the digitizing display area and thereby enter electronic ink data into the system. Examples of suitable digitizing display panels include electromagnetic pen digitizers, such as pen digitizers available from Mutoh Co. (now known as FinePoint Innovations Co.) or Wacom Technology Co. Other types of pen digitizers, e.g., optical digitizers, also may be used. The pen-based computing system 201 interprets gestures made using stylus 204 in order to manipulate data, enter text as electronic ink, and execute conventional computer application tasks, such as creating, editing, and modifying spreadsheets, word processing programs, and the like.

The stylus 204 may be equipped with buttons or other features to augment its capabilities. In one example, a stylus 204 could be implemented as a “pencil” or “pen,” in which one end constitutes a writing portion and the other end constitutes an “eraser” end 205, and which, when moved across the display, indicates portions of electronic ink on the display that are to be erased. Other types of input devices, such as a mouse, trackball, keyboard, or the like also may be used. Additionally, a user's own finger could be used as an input device, e.g., for selecting or indicating portions of the displayed image on a touch-sensitive or proximity-sensitive display. Consequently, the term “user input device,” as used herein, is intended to have a broad definition and encompasses many variations on well-known input devices.

Recently, pen-based computing systems that accept user input via an electronic pen and/or display at least some forms of input as “electronic ink,” e.g., of the type described above, have increased in popularity. Use of electronic ink input as opposed to conventional pen and paper is advantageous in many respects. For example, electronic ink input may be electronically stored, filed, and cataloged for future use, which enables it to be easily maintained, located, and shared with others. Additionally, because electronic ink input can be recognized and converted to conventional machine-generated text (e.g., text insertable into, readable by, and useful by conventional computers), it can be electronically stored, searched, and otherwise used on the computer, for example, in conventional word processing documents and programs, in spreadsheets, in email programs, in document management programs, in web browsers, and the like. Handwriting recognition systems are commercially available that allow handwritten electronic ink input to be converted to machine-generated text. One example of a handwriting recognizer is that provided with the Windows XP Tablet PC Edition™ operating system (available from Microsoft Corporation of Redmond, Wash.), although other handwriting recognizers also are known and may be used in computer systems in accordance with this invention.

In various examples, pen-based computer operating systems provide an ink platform through direct modification of GINA.dll or as a set of component object model (“COM”) services that an operating system and/or an application program can use to capture, manipulate, recognize, and store ink and/or other pen actions or events. The ink platform also may include a mark-up language including a language like the extensible markup language (“XML”). Additional examples of the ink platform may use the distributed component object model (“DCOM”) implementation. Yet further implementations may be used including the Win32 programming model and the .Net programming model from Microsoft Corporation. Such platforms are commercially available and known in the art. Electronic ink data may be stored in an ink serialized format (“ISF”) or in any other suitable or desired manner, including in conventional manners known to those skilled in the art.

In addition to use with full performance pen-based computing systems or “tablet PCs” (e.g., convertible laptops or “slate” type tablet PCs), aspects of this invention may be used in conjunction with other types of pen-based computing systems and/or other devices that accept data as electronic ink and/or that accept, process, or display electronic pen or stylus input, such as: hand-held or palm-top computing systems; personal digital assistants; pocket personal computers; mobile and cellular telephones, pagers, and other communication devices; watches; appliances; and any other devices or systems that include monitors or other display devices and/or digitizers that present printed or graphical information to users and/or allow input using an electronic pen or stylus or that can process electronic ink collected by another device (e.g., a conventional desktop computer that can process electronic ink collected by a tablet PC).

Features of the invention now will be described in conjunction with the remaining figures, which illustrate various examples of the invention and/or contain information to help explain the invention. The specific figures and information contained in this detailed description should be construed as providing examples of the invention and not as limiting the invention.

IV. Example Systems, Methods, and Computer-Readable Media According to the Invention

A. Examples of Environments and/or Input Situations that May Benefit from Implementation of Systems and Methods According to the Invention

As described above, aspects of the present invention relate generally to systems and methods that may utilize an image in user authorization or authentication (e.g., secure website logins, computer system or network logins, and/or other security situations). A user may select a preferred image, for example from a menu of possible image choices or a personal image provided by the user, which is presented to the user on a display. The selected image, when displayed to the user, may be used in any authorization or authentication procedure in which the identity of the user needs to be ascertained. For example, when a user logs onto a computer system, it is typically desired that security of the system be maintained so that user data is not compromised by other users. Thus, methods and systems are desired that safeguard individual user accounts for the respective user.

The image selected conforms to predetermined characteristics and specifications to be optimized for use as a user authentication tool. The predetermined characteristics and specification of the selected image may be selected, for example, on the needs of the user in any given system or network and may include, but is not limited to, image complexity, size or resolution. For example, the image may contain a medium to high level of complexity such that a user may easily select a predetermined area in the image when a portion of the image is selected by the user for authentication. Also, increased complexity of the image increases accuracy of selection of the predetermined portion of the image, allowing the user to accurately pinpoint the portion of the image corresponding to the login selection. A complex image also is advantageous from a security standpoint in that it prevents or inhibits unauthorized users from easily guessing the portion of the image to be indicated for successful login or authentication.

FIG. 3 illustrates an example of one aspect of the present invention in which an image is selected for use as an authentication tool. A selection of images is presented to a user on a display such that the user may select a desired image for use in the authentication procedure. Any number of images in any order or format may be used. For example, a display of multiple images may be presented on a display in a grid format (e.g., as thumbnail images) as illustrated in FIG. 3. As another potential option, a user could electronically page through a library of images (e.g., using a “NEXT” or “PREVIOUS” button) and select the authentication image from this library. Alternatively, a user may import his/her own image, if desired. However, for optimal performance, a user-provided image should conform to minimum resolution and complexity standards to ensure that the image provides a high level of security and privacy in the login process.

FIGS. 4A, 4B, and 4C illustrate an example of one aspect of the invention in which a user selects a portion of an image on a display in a first step of user authentication according to the present invention. FIG. 4A is an image previously selected by the user as a pictographic login image of the present invention, and when a procedure requiring user authentication is initiated (e.g., a computer is turned on, access to a secure website or data file is requested, etc.), this image is displayed to this user. The image has sufficient complexity and resolution to provide accuracy in selection of a portion of the image, reproducibility of selection of the proper portion of the image, and facility of the user to identify the desired portion of the image to select. As FIG. 4A illustrates, the image selected in this example is an image of snow-covered mountains.

FIG. 4B is the display of FIG. 4A after the user has selected a portion of the image for login or authentication purposes. User selection of a portion of the image may be accomplished by any variety of input devices such as but not limited to a mouse, a pen, a stylus, a finger, etc. For proper authentication, the user must select the area of the image that has been designated as the area of the image to select for successful log in. Thus, in this example, the area of the image to select for log-in has been previously selected by the user, and that same area of the image must be subsequently selected to successfully complete the log-in or authentication procedure. There are many other features of the selection of the image portion that may optionally be used to increase privacy and security. For example, the shape used to select the portion of the image may also be set to require user input in a certain shape such that the user must not only select the proper portion of the image, but he/she also must select the portion of the image using a predetermined shape. As will be shown, the predetermined shape used in the present example is a circle although the invention is not limited to any particular shape. Any shape may be used, and optionally required, for authentication, without departing from the invention.

Another potential method of enhancing security is to require preselected input characteristics relating to additional features of the image selection before authentication may be granted. For example, the direction of drawing the selection may be pre-selected such that the user may have to draw the image selection in a particular order or direction. In this example, the direction of selecting the proper portion of the image may be optionally limited to drawing the selection in a clockwise direction or in a counter-clockwise direction. As another example, the system may require user input of the selection to start at a particular spot on the circle (e.g., the 8 o'clock position) in order to successfully authenticate. In these ways, the user may be required to draw the selection in a predetermined manner or authentication may not occur. Also, the color of the electronic ink used for the selection may be optionally regulated in order to provide enhanced security. For example, the user may be required to draw the selection of the image with a particular color of ink, e.g., red, selected from a color palette included with the authentication image. If this option is included in the authentication procedure, a user selecting the proper portion of the image may still fail to gain access or authorization if the user draws the selection with an improperly selected color. In this way, security is further increased such that an unauthorized person would have great difficulty in accessing the private account, data, or other information of another user.

To provide a high level of integrity of selection of the proper portion or area of the login image, the selection of the portion of the image by the user may not be the precise preselected area identified by the user during the security system set-up procedure. Due to variability and inaccuracies of the input by a human user, an authorized user may fail to draw a selection around the precise desired area in the image. Rather, due to human error or slight variations in selecting the proper portion of the image, the selection may be slightly skewed from the precise location of the portion of the image. The tolerance of the skew may depend on the individual system or network and may be calculated or adjusted based on the needs of the user, for example. Thus, the login and authentication method and system of the present invention provide for a tolerance in the selection of the portion of the image for user authorization. In this example, if the selection of the portion of the image for authorization is not precisely correct but is still within an allowable range from the originally designated selection area, the authorization process will proceed. Only if the selection is outside a predetermined tolerance level from the predetermined area will the system not permit the user to log in (or at least to continue into the login procedure). This tolerance may depend on many factors such as the complexity of the image, the resolution of the image used for authentication, or the input means, to name a few. Optionally, if desired, systems and methods according to at least some examples of this invention may allow a user and/or a system administrator to select the tolerance level to maximize security while permitting authentication within an acceptable range of the pre-selected input.

After the user properly selects the predetermined portion of the image for authentication as indicated in FIG. 4B, the system and method of the present invention proceeds with the authorization procedure. Proceeding with the authorization procedure may include any number of outcomes depending on the needs of the user or the parameters of the computer system. For example, after the user properly selects the portion of the image for authorization in the first step, the authorization procedure may proceed by completing the authorization process. In that case, the computer may complete other login procedures (e.g., open windows to secure information, launch programs designated in a start-up menu, etc.). Alternatively, after the user properly selects the portion of the image for authorization in the first step, the authorization procedure may proceed with other security and/or authentication steps that may be required by systems and methods according to at least some examples of this invention prior to full completion of authorization and login. As one more specific example, after a successful initial authentication procedure, another image may optionally be displayed as part of the authorization process. In this example as illustrated in FIG. 4C, an enlarged portion of the previous image is displayed on the screen. Alternatively, a different image altogether may be used. By including additional layers of image selection (or other authentication procedures), privacy and security are markedly increased such that unauthorized users may have great difficulty in accessing the account, system, and/or network.

As FIG. 4C illustrates, a second image is displayed after selection of the portion of the first image. In this example, the second image contains a portion that is further used for authentication of the user. For example, if the user properly selected the correct portion of the first image (as shown in FIG. 4B), the second image may appear, and proper selection by the user of a pre-selected portion in the second image enables continued authentication and/or login. For added security, a second image optionally still will be displayed even if the correct portion of the first image was not properly selected in the first step. In this way, an unauthorized user trying to compromise the system will not be tipped off as to whether the first selection was correct or erroneous immediately after the selection of a portion of the first image.

In FIG. 4C, the user selects a portion of the second image. As in the selection of the first image, there may be additional features to enhance security in selection of the portion of the second image including, but not limited to, specifying the color of the ink used to make the selection, restricting the manner or shape used in selecting the portion of the image, etc. If the user properly selects a pre-determined portion of the second image within an acceptable tolerance, the authentication process may continue.

If there are further images from which to select a portion, the process repeats as described until the final image is properly processed and the proper portion of the final image is selected. If all of the selections were proper, the login and authentication process is complete and the user logs into the system under his Userid in his account. If any one selection was erroneous, login/authentication fails. A message may optionally be displayed to the user indicating that authorization has failed.
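The checks described above (position within a tolerance, drawing direction, starting spot, ink color, and a next image shown regardless of the previous result) can be sketched as follows. This is an added example, not code from the patent; the circle model, the pixel tolerance, the names `EnrolledStep`, `stroke_features`, `step_ok`, `LoginSession` and `sample_stroke`, and the sample strokes are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass

@dataclass(frozen=True)
class EnrolledStep:
    cx: float          # centre of the designated area, image pixels
    cy: float
    radius: float      # radius of the circle drawn at set-up
    clockwise: bool    # required drawing direction
    start_hour: int    # clock position where the stroke must begin (1..12)
    color: str         # required ink color
    tol: float         # permitted deviation in pixels (assumed tolerance model)

def stroke_features(points):
    """Reduce a stroke [(x, y), ...] in screen coordinates (y grows downward)
    to (centre_x, centre_y, mean_radius, clockwise, start_hour)."""
    n = len(points)
    cx = sum(x for x, _ in points) / n
    cy = sum(y for _, y in points) / n
    radius = sum(math.hypot(x - cx, y - cy) for x, y in points) / n
    # Shoelace sum: with y pointing down, a positive value means the
    # stroke runs clockwise as the user sees it.
    closed = points[1:] + points[:1]
    area2 = sum(x1 * y2 - x2 * y1 for (x1, y1), (x2, y2) in zip(points, closed))
    # Angle of the first point, measured clockwise from 12 o'clock.
    dx, dy = points[0][0] - cx, points[0][1] - cy
    hour = round(math.degrees(math.atan2(dx, -dy)) / 30) % 12 or 12
    return cx, cy, radius, area2 > 0, hour

def step_ok(points, color, e):
    """True only if every enrolled characteristic matches within tolerance."""
    if len(points) < 3:
        return False
    cx, cy, radius, clockwise, hour = stroke_features(points)
    return (math.hypot(cx - e.cx, cy - e.cy) <= e.tol
            and abs(radius - e.radius) <= e.tol
            and clockwise == e.clockwise
            and hour == e.start_hour
            and color == e.color)

class LoginSession:
    """Walks through all images; the verdict is withheld until the last one."""
    def __init__(self, steps):
        self.steps = list(steps)
        self.index = 0
        self.all_ok = True

    def submit(self, points, color):
        if self.index >= len(self.steps):
            raise RuntimeError("session already finished")
        ok = step_ok(points, color, self.steps[self.index])
        self.all_ok = self.all_ok and ok
        self.index += 1
        if self.index < len(self.steps):
            return "next"   # same response whether this step passed or failed
        return "granted" if self.all_ok else "denied"

def sample_stroke(cx, cy, r, start_hour, clockwise, n=36):
    """Constructed test input: a slightly wobbly hand-drawn circle."""
    pts = []
    for k in range(n):
        step = 2 * math.pi * k / n
        a = math.radians(start_hour * 30) + (step if clockwise else -step)
        rr = r * (1 + 0.03 * math.sin(5 * step))   # deterministic wobble
        pts.append((cx + rr * math.sin(a), cy - rr * math.cos(a)))
    return pts

if __name__ == "__main__":
    enrolled = [EnrolledStep(320, 180, 40, True, 8, "red", 12),
                EnrolledStep(100, 100, 25, False, 3, "blue", 10)]
    session = LoginSession(enrolled)
    print(session.submit(sample_stroke(326, 175, 43, 8, True), "red"))
    print(session.submit(sample_stroke(97, 104, 27, 3, False), "blue"))
```
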

Also, for added security, traditional methods of authentication may be combined with the authentication methods of the present invention. For example, a traditional display in which a user is requested to input a userid and/or a password may be combined with the authentication method of the present invention to enhance security. In a traditional system in which only a userid and password are used, an unauthorized user may access the account if he/she is able to obtain the authorized user's password. By logging into the account improperly, the unauthorized user compromises security. However, in this example of the present invention in which authorization by image selection is combined with the traditional method(s) of authentication, multiple forms of security used in conjunction can further prevent an unauthorized user from improperly gaining access to another user's account information.

In another example of another aspect of the present invention, information may be hidden within the image displayed. There are many known methods of hiding information within an image which may be incorporated in the present invention. For example, steganography may be used in which information is hidden in the image such that only the user knows of the existence of the information. For example, key information of, but not limited to, the form (login name plus the key data) and hashed in one selection may be hidden steganographically into an image. As the user selects the proper portion of each consecutive image, the hidden information, such as the key code or login name, is selected. If a match occurs at the completion of the authorization process between the stored information (e.g., key or login name) and the steganographically hidden information selected by the user, login is successful.

As referred to above, there are many potential features that may be included and/or varied in the authentication of the present invention. Some of these variations include:

Ink color (or other characteristics, such as thickness); shape(s) drawn; number of “encirculations;” directional characteristics (e.g., line direction, pen movement direction, etc.); position with respect to image (which may move from login to login); absolute position on the digitizer irrespective of image position; initial image selection by user; intermediate image selection by user; location(s) or number of “breaks” in an encirculation; use encirculation login in combination with other login procedures, such as password entry, image selection, etc.

Finally, the present invention also relates to computer-readable media including computer-executable instructions stored thereon for performing various methods and operating various systems, including the systems and/or methods described above. The computer-readable media may constitute computer-executable instructions stored on the various specific examples of computer-readable media described above.

V. Conclusion

Various examples of the present invention have been described above, and it will be understood by those of ordinary skill that the present invention includes within its scope all combinations and subcombinations of these examples. Additionally, those skilled in the art will recognize that the above examples simply exemplify various aspects of the invention. The various specific steps and/or architectural elements described above can be changed, functions may be added, deleted, combined, and/or changed in order without departing from the invention. Thus, various changes and modifications may be made without departing from the spirit and scope of the invention, as defined in the appended claims.

The invention claimed is:
 1. A user authentication method, comprising acts of: displaying a first image on a display screen; receiving a first user input comprising a first shape that is drawn around a portion of the displayed first image; performing a first authentication step comprising verifying that the portion of the displayed first image around which the first shape is drawn, matches a designated portion of the first image that is predetermined for user authentication; displaying a second image on the display screen, wherein displaying of the second image provides no indication of a result of the first authentication step; receiving a second user input comprising a second shape that is drawn around a portion of the displayed second image; performing a second authentication step comprising verifying that the portion of the displayed second image around which the second shape is drawn, matches a designated portion of the second image that is predetermined for user authentication; and determining that a user is successfully authenticated upon successful completion of the first and second authentication steps; wherein at least one of the first or second authentication steps further comprising: verifying that the respective first or second shape matches a predetermined shape, and verifying that a direction in which the respective first or second shape is drawn matches a predetermined direction.
 2. The method according to claim 1, further comprising an act of: allowing the user to access a computer system when the user is determined to be successfully authenticated.
 3. The method according to claim 1, wherein the second image is an enlargement of a part of the first image.
 4. The method according to claim 1, wherein at least one of the first or the second user inputs include electronic ink input.
 5. The method according to claim 1, wherein at least one of the first or second authentication steps further comprising verifying that a color used to draw the respective first or second shape matches a predetermined color.
 6. The method according to claim 1, wherein at least one of the first or second authentication steps further comprising verifying that the respective first or second shape is drawn by starting at a predetermined spot of the predetermined shape.
 7. A computer-readable storage medium including computer-executable instructions stored thereon for performing steps of: displaying a first image on a display screen; receiving a first user input comprising a first shape that is drawn around a portion of the displayed first image; performing a first authentication step comprising verifying that the portion of the displayed first image around which the first shape is drawn, matches a designated portion of the first image that is predetermined for user authentication; displaying a second image on the display screen, wherein displaying of the second image provides no indication of a result of the first authentication step; receiving a second user input comprising a second shape that is drawn around a portion of the displayed second image; performing a second authentication step comprising verifying that the portion of the displayed second image around which the second shape is drawn, matches a designated portion of the second image that is predetermined for user authentication; and determining that a user is successfully authenticated upon successful completion of the first and second authentication steps; wherein at least one of the first or second authentication steps further comprising: verifying that the respective first or second shape matches a predetermined shape, and verifying that the direction in which the respective first or second shape is drawn matches a predetermined direction.
 8. A system, comprising: a display screen; an input system for receiving user input; and a processor system programmed to: display a first image on the display screen in response to a first user's initiation of a procedure requiring authentication of the first user as an authorized user, wherein the first image comprises a designated portion of the first image that was previously selected by the authorized user as a portion of the first image that must be properly selected when the first image is displayed to the first user for user authentication; receive a first user input via the input system, wherein the first user input indicates a user-selected portion of the displayed first image, wherein the first user input comprises a shape that is drawn at least partially around the user-selected portion of the displayed first image; and determine that the first user input constitutes a proper selection of the designated portion of the first image for user authentication, when the first user input satisfies pre-specified conditions for proper selection of the designated portion of the first image; wherein the pre-specified conditions include: a first condition that the user-selected portion of the displayed first image corresponds to the designated portion of the first image at least within a permitted level of variation between the user-selected portion of the displayed first image and the designated portion of the first image, a second condition that the shape that is drawn at least partially around the user-selected portion of the displayed first image matches a predetermined shape, and a third condition that the shape that is drawn at least partially around the user-selected portion of the displayed first image is drawn by starting at a predetermined spot of the predetermined shape.
 9. The system according to claim 8, wherein the processor system is further programmed to: display a second image on the display screen, wherein displaying the second image provides no indication of an improper selection of the designated portion of the first image, and further wherein the second image comprises a designated portion of the second image that was previously selected by the authorized user as a portion of the second image that must be properly selected when the second image is displayed to the first user for user authentication, and receive a second user input via the input system, wherein the second user input indicates a user-selected portion of the displayed second image, and determine if the second user input constitutes a proper selection of the designated portion of the second image for user authentication.
 10. The system according to claim 9, wherein when the second user input is determined to be a proper selection of the designated portion of the second image for user authentication, the processor system is further programmed to allow the first user to access a computer system.
 11. The system according to claim 9, wherein the second image is an enlargement of a part of the first image.
 12. The system according to claim 9, wherein the second user input includes electronic ink input comprising a shape that is drawn at least partially around the user-selected portion of the displayed second image.
 13. The system according to claim 12, wherein the shape that is drawn at least partially around the user-selected portion of the displayed second image comprises a predetermined shape that is drawn as a condition for proper selection of the designated portion of the second image.
 14. The system according to claim 8, wherein the processor system is further programmed to allow the first user to access a computer system.
 15. A system comprising: a display screen; a processor communicatively connected with the display screen; and a memory coupled with the processor, the memory storing executable instructions that when executed by the processor cause the processor to effectuate operations comprising: providing instructions to display an image on the display screen in response to an initiation of an authentication procedure, wherein the image comprises predesignated portions of the image that were previously selected as portions of the image to be selected when the image is displayed for authentication; receiving a first input via an input system, wherein the first input indicates a first selected portion of the displayed image, wherein the first input comprises a first shape; receiving a second input via the input system, wherein the second input indicates a second selected portion of the displayed image, wherein the second input comprises a second shape; and determining that the first input and the second input are part of proper selection of the predesignated portions of the image for authentication when the first input and the second input satisfy pre-specified conditions for proper selection of the predesignated portions of the image, wherein the pre-specified conditions comprise: a condition that each of the first input and the second input match a predetermined shape within a permitted level of variation, wherein the permitted level of variation is based on the complexity of the image and wherein the predetermined shape comprises at least one of: a straight line, a curved line, or a closed shape; a condition that a first direction that the first shape is drawn in the first input matches a first predetermined direction from a first predetermined starting spot; and a condition that a second direction that the second shape is drawn in the second input matches a second predetermined direction; and authenticating the first input and the second input based in part on the permitted level of variation.
 16. The system of claim 15, wherein the permitted level of variation is further based on the resolution of the image.
 17. The system of claim 15, wherein the permitted level of variation is further based on a type of the input.
 18. The system of claim 15, wherein the image is a user provided image.
 19. The system of claim 15, wherein the input system comprises a touch input system.
 20. The system of claim 15, the operations further comprise authenticating the first and second inputs based on the first and second inputs meeting the pre-specified conditions.
 21. A device comprising: a processor; and a memory coupled with the processor, the memory storing executable instructions that, based on execution by the processor, configure the processor to effectuate operations comprising: displaying an image on a display screen in response to an initiation of an authentication procedure, wherein the image comprises a predesignated portion of the image that was previously selected as a portion of the image to be selected when the image is displayed for authentication; receiving a first input via an input system, wherein the first input indicates a selected portion of the displayed image, wherein the first input comprises a shape that is drawn at least partially around the selected portion of the displayed image; and determining that the first input constitutes a proper selection of the predesignated portion of the image for authentication when the first input satisfies pre-specified conditions for proper selection of the predesignated portion of the image, wherein the pre-specified conditions comprises: a condition that the first input matches a predetermined shape within a permitted level of variation, wherein the permitted level of variation is based on the complexity of the image; and a condition that a first direction that the shape is drawn in the first input matches a first predetermined direction from a first predetermined starting spot; and authenticating the first input based in part on the permitted level of variation.
 22. The device of claim 21, wherein the shape is substantially circular.
 23. The device of claim 21, wherein the image is a user provided image.
 24. The device of claim 21, wherein the input system comprises a touch input system.
 25. The device of claim 21, the processor further configured to: require that a predetermined number of shapes is received via the input system for authentication.
 26. The device of claim 21 where the pre-specified conditions further comprise a condition that the first input matches a predetermined shape comprising at least one of a curved line or a closed shape.
 27. The device of claim 21, wherein the permitted level of variation is further based on the resolution of the image.
 28. The device of claim 21, wherein the permitted level of variation is further based on a type of the input.
 29. A method comprising: displaying an image on a display screen in response to an initiation of an authentication procedure, wherein the image comprises a predesignated portion of the image that was previously selected as a portion of the image to be selected when the image is displayed for authentication; receiving a first input via an input system, wherein the first input indicates a selected portion of the displayed image, wherein the first input comprises a shape that is drawn at least partially around the selected portion of the displayed image; and determining that the first input constitutes a proper selection of the predesignated portion of the image for authentication when the first input satisfies pre-specified conditions for proper selection of the predesignated portion of the image, wherein the pre-specified conditions comprises: a condition that the first input matches a predetermined shape within a permitted level of variation, wherein the permitted level of variation is based on the complexity of the image; and a condition that a first direction that the shape is drawn in the first input matches a first predetermined direction from a first predetermined starting spot; and authenticating the first input based in part on the permitted level of variation.
 30. The method of claim 29, wherein the shape is substantially circular.
 31. The method of claim 29, wherein the image is a user provided image.
 32. The method of claim 29, wherein the input system comprises a touch input system.
 33. The method of claim 29, wherein the permitted level of variation is further based on the resolution of the image.
 34. The method of claim 29, the permitted level of variation is further based on input means.